In the Linux kernel, the following vulnerability has been resolved:

usb: yurex: fix race in probe

The bbu member of the descriptor must be set to the value
standing for uninitialized values before the URB whose
completion handler sets bbu is submitted. Otherwise there is
a window during which probing can overwrite already retrieved
data.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < a7934d7202a39c3160aa30521c382c7b744ae4a2
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < a8b3b3d730acea1640bc89465f2832cf06a1e13a
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 687d26d43a5aaf44323ce7d601cf242bb87e9559
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 939e3d17b843b0bae70467fef4481069d73c8520
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 3cec135415a89723e2d38e1c8cc5098203355965
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < a41d3d9202e951995cfac6248c565423079c71fa
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < af83e92c329f11139d5eea2b5b7b83c26c3f67e7
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 7a875c09899ba0404844abfd8f0d54cdc481c151
Linux Linux affected
Version Status Constraints
5.10.253 unaffected ≤ 5.10.*
5.15.203 unaffected ≤ 5.15.*
6.1.167 unaffected ≤ 6.1.*
6.6.130 unaffected ≤ 6.6.*
6.12.78 unaffected ≤ 6.12.*
6.18.19 unaffected ≤ 6.18.*
6.19.9 unaffected ≤ 6.19.*
7.0 unaffected ≤ *

No data.

No data.

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/3cec135415a89723e2d38e1c8cc5098203355965 cve-icon cve-icon
https://git.kernel.org/stable/c/687d26d43a5aaf44323ce7d601cf242bb87e9559 cve-icon cve-icon
https://git.kernel.org/stable/c/7a875c09899ba0404844abfd8f0d54cdc481c151 cve-icon cve-icon
https://git.kernel.org/stable/c/939e3d17b843b0bae70467fef4481069d73c8520 cve-icon cve-icon
https://git.kernel.org/stable/c/a41d3d9202e951995cfac6248c565423079c71fa cve-icon cve-icon
https://git.kernel.org/stable/c/a7934d7202a39c3160aa30521c382c7b744ae4a2 cve-icon cve-icon
https://git.kernel.org/stable/c/a8b3b3d730acea1640bc89465f2832cf06a1e13a cve-icon cve-icon
https://git.kernel.org/stable/c/af83e92c329f11139d5eea2b5b7b83c26c3f67e7 cve-icon cve-icon
History

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which probing can overwrite already retrieved data.
Title usb: yurex: fix race in probe
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-08T14:22:02.458Z

Reserved: 2026-05-01T14:12:56.009Z

Link: CVE-2026-43430

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-08T15:16:55.243

Modified: 2026-05-08T15:16:55.243

Link: CVE-2026-43430

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.